Rights conflict and coordination in situation of data portability
Rights conflict and coordination in situation of data portability Wang Xinchen1,Shen Liaojia2
(1Intellectual Property Research Institute, University of Science and Technology of China, Hefei 230026, China; 2School of Law, Southeast University, Nanjing 211189, China)
Abstract: Whether it can effectively address the collision of the right to data portability is not only the key aspects for the right to portability strategy in countries, but also the core of the success or failure of the system. From the perspective of the essence of rights, the right of portability emerges as a tool to achieve a balance of interests of multiple subjects, it also plays an extremely special role in the bundle of personal information rights due to the positive impacts and the substance of being human. Taking judicial practice as a mirror, the only way to break the shackles of data transfer and distribution of data interests is to get rid of the “Triple Authorization Principle” and the AntiUnfair Competition Law and face up to the various types of the collision of the right to data portability. Starting from a typical scenario, the collision of the right to data portability is mainly reflected in the derogation of personal information, the infringement of intellectual property rights as well as the threat to data security. It is advised to establish a resolution mechanism of collision of right under the various situation, designing from the four aspects of the legislative concept, object boundary, legal interaction, and security guarantee, so as to achieve a “perfect closed loop ” of the right to data portability system in China.
Key words : the right to data portability; personal information protection; collision of rights; data security
0 引言
數(shù)據(jù)可攜帶權(quán)(以下簡(jiǎn)稱可攜帶權(quán))是由我國(guó)《個(gè)人信息保護(hù)法》第45條第3款確立的新興權(quán)利,其含義為個(gè)人作為數(shù)據(jù)的源頭有權(quán)請(qǐng)求數(shù)據(jù)處理者將特定個(gè)人信息轉(zhuǎn)移至其他的數(shù)據(jù)處理者,而數(shù)據(jù)控制者應(yīng)當(dāng)予以必要的協(xié)助[1]。可攜帶權(quán)起源于歐盟的《通用數(shù)據(jù)保護(hù)條例》(General Data Protection Regulations,GDPR),又陸續(xù)被美國(guó)、巴西和印度等國(guó)家引入。一般認(rèn)為,可攜帶權(quán)是用戶制衡數(shù)據(jù)控制者和數(shù)據(jù)處理者的策略性工具,肩負(fù)著塑造數(shù)字人格、消解鎖定效應(yīng)、抑制數(shù)據(jù)壟斷和激發(fā)創(chuàng)新活力的制度理想。近年來(lái),除了《個(gè)人信息保護(hù)法》,相關(guān)部門又相繼在《中國(guó)人民銀行金融消費(fèi)者權(quán)益保護(hù)實(shí)施辦法(征求意見(jiàn)稿)》《信息安全技術(shù) 個(gè)人信息安全規(guī)范》(GB/T 35273-2020)《網(wǎng)絡(luò)數(shù)據(jù)安全管理?xiàng)l例(征求意見(jiàn)稿)》等文件對(duì)數(shù)據(jù)攜帶問(wèn)題進(jìn)行了回應(yīng),所涉條文覆蓋了可攜帶權(quán)的定義、可攜帶情形和數(shù)據(jù)處理者風(fēng)險(xiǎn)提示義務(wù)等內(nèi)容。
